Suggestion for how to add docker compose network to whitelist

In case anyone is trying to use docker compose and being blocked from doing admin commands, this solution has worked for me:

#!/usr/bin/env bash

set -e

RUNNING_DGRAPH_CONTAINERS=$(docker-compose ps -q 2>/dev/null | wc -l)

# dgraph only accepts admin REST requests from whitelisted IP's, hence the added
# complexity of explicit docker networks and IP address fetching.

if [ "$RUNNING_DGRAPH_CONTAINERS" -ne 3 ]; then
	docker network create dgraph_dev || true
	WHITELISTED=$(docker network inspect dgraph_dev | jq '.[0].IPAM.Config[0].Gateway')
	export WHITELISTED
	docker-compose up -d
fi

docker-compose.yml:

version: "3.2"
services:
  zero:
    image: dgraph/dgraph:v20.07.0
    volumes:
      - "./dgraph:/dgraph"
    ports:
      - 5080:5080
      - 6080:6080
    restart: on-failure
    command: dgraph zero --my=zero:5080

  alpha:
    image: dgraph/dgraph:v20.07.0
    volumes:
      - "./dgraph:/dgraph"
    ports:
      - 8080:8080
      - 9080:9080
    restart: on-failure
    command: dgraph alpha --whitelist="${WHITELISTED}" --my=alpha:7080 --lru_mb=2048 --zero=zero:5080

  ratel:
    image: dgraph/dgraph:v20.07.0
    ports:
      - 8000:8000
    command: dgraph-ratel

networks:
  default:
    external:
      name: dgraph_dev
1 Like

This is useful knowledge for the community so I have made the post a wiki.